Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 4, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
2141	-	-	（複数のベンダ）	（複数の製品）	CISA ICS Advisory / ICS Medical Advisory（2026年05月12日）	-	-	2026-05-14 17:11	2026-05-13	Show	GitHub Exploit DB Packet Storm

2142	-	-	シーメンス	(複数の製品)	Siemens製品に対するアップデート（2026年5月）	-	CVE-2024-3596 CVE-2026-27446	2026-05-14 17:11	2026-05-13	Show	GitHub Exploit DB Packet Storm

2143	7.8	重要 Local	wps キングソフト株式会社	WPS Office2 WPS Cloud WPS Cloud Pro KINGSOFT PDF Pro	WPS Officeで使用される名前付きパイプに対するアクセス制御不備の脆弱性	CWE-Other その他	CVE-2018-6400	2026-05-14 12:07	2026-05-14	Show	GitHub Exploit DB Packet Storm

2144	6.5	警告 Network	Augmentt Technology	Augmentt	Augmentt TechnologyのAugmenttにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-6355	2026-05-14 10:23	2026-04-22	Show	GitHub Exploit DB Packet Storm

2145	9.6	緊急 Network	Augmentt Technology	Augmentt	Augmentt TechnologyのAugmenttにおけるアクセス制御の不十分な粒度に関する脆弱性	CWE-1220 アクセス制御の不十分な粒度	CVE-2026-6356	2026-05-14 10:23	2026-04-22	Show	GitHub Exploit DB Packet Storm

2146	5.1	警告 Local	Mozilla Foundation	thin-vec	Mozilla Foundationのthin-vecにおける複数の脆弱性	CWE-415 CWE-416	CVE-2026-6654	2026-05-14 10:23	2026-04-20	Show	GitHub Exploit DB Packet Storm

2147	7.2	重要 Network	SUN NET TECHNOLOGIES CO., LTD.	eHRD CPAS eHRD CTMS	SUN NET TECHNOLOGIES CO., LTD.のeHRD CPAS等の複数製品における危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2026-7490	2026-05-14 10:23	2026-05-2	Show	GitHub Exploit DB Packet Storm

2148	6.3	警告 Network	Router-For.ME	CLI Proxy API	Router-For.MEのCLI Proxy APIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-8081	2026-05-14 10:23	2026-05-7	Show	GitHub Exploit DB Packet Storm

2149	9.1	緊急 Network	LibreNMS	LibreNMS	LibreNMSにおけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2024-51092	2026-05-14 10:23	2026-05-8	Show	GitHub Exploit DB Packet Storm

2150	9.8	緊急 Network	The PHP Group	PHP	The PHP GroupのPHPにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2025-14179	2026-05-14 10:23	2026-05-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311771	5.3	MEDIUM Network	theinnovs	eleforms	The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several functions in all v…	CWE-862 Missing Authorization	CVE-2024-6626	2024-11-9 06:18	2024-11-6	Show	GitHub Exploit DB Packet Storm

311772	9.8	CRITICAL Network	fortinet	fortimanager_cloud fortimanager	A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through…	CWE-306 Missing Authentication for Critical Function	CVE-2024-47575	2024-11-9 06:16	2024-10-24	Show	GitHub Exploit DB Packet Storm

311773	9.8	CRITICAL Network	websiteinwp	blogpoet	Missing Authorization vulnerability in WebsiteinWP Blogpoet allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blogpoet: from n/a through 1.0.3.	CWE-862 Missing Authorization	CVE-2024-43998	2024-11-9 06:11	2024-11-2	Show	GitHub Exploit DB Packet Storm

311774	8.8	HIGH Network	geekcodelab	login_as_users	Missing Authorization vulnerability in Geek Code Lab Login As Users allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login As Users: from n/a through 1.4.3.	CWE-862 Missing Authorization	CVE-2024-43982	2024-11-9 06:11	2024-11-2	Show	GitHub Exploit DB Packet Storm

311775	8.8	HIGH Network	ayecode	geodirectory	Missing Authorization vulnerability in AyeCode – WP Business Directory Plugins GeoDirectory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GeoDirectory: fr…	CWE-862 Missing Authorization	CVE-2024-43981	2024-11-9 06:10	2024-11-2	Show	GitHub Exploit DB Packet Storm

311776	8.8	HIGH Network	combodo	itop	Combodo iTop is a simple, web based IT Service Management tool. This vulnerability can be used to create HTTP requests on behalf of the server, from a low privileged user. The user portal form manage…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2024-51740	2024-11-9 06:09	2024-11-6	Show	GitHub Exploit DB Packet Storm

311777	9.8	CRITICAL Network	didi	super-jacoco	A vulnerability has been found in didi Super-Jacoco 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cov/triggerUnitCover. The manipulation of t…	CWE-78 OS Command	CVE-2024-10919	2024-11-9 06:07	2024-11-7	Show	GitHub Exploit DB Packet Storm

311778	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-i…	CWE-908 Use of Uninitialized Resource	CVE-2024-50110	2024-11-9 06:05	2024-11-6	Show	GitHub Exploit DB Packet Storm

311779	6.1	MEDIUM Network	themehigh	checkout_field_editor	The Checkout Field Editor (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘render_review_request_notice’ function in all versions up to…	CWE-79 Cross-site Scripting	CVE-2024-8499	2024-11-9 06:01	2024-10-4	Show	GitHub Exploit DB Packet Storm

311780	6.5	MEDIUM Network	eclipse	jetty	There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending cra…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2024-8184	2024-11-9 06:00	2024-10-15	Show	GitHub Exploit DB Packet Storm